Gov't offices big targets for cyber spying attempts

Vietnam has recently become the main target of a series of large-scale
cyber spying activities, such as LURID, Operation Shady RAT and the
Byzantine Hades attacks.

This was revealed by Colonel Nguyen Van
Thinh, deputy head of the Department of Cyber Security under the
Ministry of Public Security, at the Security World 2015 conference held
in Hanoi on March 25.

He said the ministry detected various malwares penetrating computer systems of various governmental and ministerial agencies.

The
ministry also discovered that foreign hackers were launching
large-scale spying campaigns to attach malware, with nearly 100
different samples, into email systems of the Party, and the government's
offices, Thinh said.

“They are targeted attacks that are aimed
at officers of the government and the party's agencies. Based on our
analysis, the malware with sophisticated design has been inserted into
documents and exploits a zero-day hole," he said.

According to
Thinh, in 2014 alone, the ministry had discovered that nearly 6,000
Vietnamese online news pages and online news portals were attacked,
losing administrative rights and its contents were amended. Out of them,
246 pages were of government's agencies, ending with the domain name
gov.vn.

"Especially last year, after China's illegal placement of
the Haiyang Shiyou 981 inside Vietnamese waters and its exclusive
economic zone, foreign hackers had attacked more than 700 local online
pages, and more than 400 online pages on the occasion of the
Independence Day on September 2 and inserted distorted content on
Vietnam's sovereignty over the Hoang Sa (Paracel) archipelago," Thinh
said.

According to the Kaspersky Security Bulletin 2014, there
were 1.4 million malware attacks on the Android operating system last
year, which was four times higher than 2013. Vietnam was ranked sixth in
the top 10 countries worldwide, based on the number of users attacked
by malware.

In terms of security risks, Vietnam ranked in the
fourth place globally with nearly half of users at risk of malware
infection while using the Internet. The country was at the top position
with about 70 percent of computer users susceptible to malware and
malicious software via USB and memory cards.

Attending the
conference, Richard Staynings, Director of Cyber Security Solutions at
Cisco Systems, called for standard issuance to ensure privacy and
information security in the age of the Internet of Things. He said that
the more Internet-connected devices increased, the more security risks
we would have, and it would pose a threat to network security both
internally and externally at various organisations.

Staynings
said the Internet of Things had posed security challenges and there
would soon be a need for new ways to control Internet-connected devices.

Themed
Strengthening Information to Protect Privacy and Enable Trust in
Today's Risk Landscape, the event was aimed at assessing information
security threats to organisations and to put forward key initiatives
that would help businesses keep pace with constantly evolving threats
and security requirements in today's interconnected business ecosystem.

The
conference was organised by the Ministry of Public Security, Ministry
of Information and Communications, the IT & Cyber Security
Monitoring Centre under the Government Committee for Cipher, in
collaboration with the International Data Group in Vietnam.-VNA